Published:2016/04/06  Last Updated:2016/04/07

JVN#26627848
baserCMS plugin "Menubook Plugin" multiple vulnerabilities

Overview

baserCMS plugin "Menubook Plugin" contains multiple vulnerabilities.

Products Affected

  • Menubook Plugin Ver.0.9.2 and earlier

Description

baserCMS plugin "Menubook Plugin" contains multiple vulnerabilities:

  • Cross-site scripting (CWE-79) - CVE-2016-1169
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score: 6.1
    CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0
  • Cross-site request forgery (CWE-352) - CVE-2016-1170
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Base Score: 4.3
    CVSS v2 AV:N/AC:H/Au:N/C:N/I:P/A:N Base Score: 2.6

Impact

The affect of each vulnerability is as follows.

  • An arbitrary script may be executed on the user's web browser - CVE-2016-1169
  • An arbitrary administrative operation such as setting alteration may be performed - CVE-2016-1170

Solution

Update the Software
Update to the latest version according to the information provided by the developer.

Vendor Status

Vendor Link
Hiniarata Co.,Ltd. Important notice for our plugin products users

References

JPCERT/CC Addendum

According to the information provided by the developer, these vulnerabilities were addressed in the following products:

  • baserCMS plugin "Recruit Plugin" Ver.0.9.2 and earlier
  • baserCMS plugin "Casebook Plugin" Ver.0.9.3 and earlier
  • baserCMS plugin "Schedule Plugin" Ver.0.9.5 and earlier
  • baserCMS plugin "Menubook Plugin" Ver.0.9.2 and earlier
  • baserCMS plugin "Cast Plugin" Ver.0.9.2 and earlier
  • baserCMS plugin "Voice Plugin" Ver.0.9.6 and earlier
Note that the cross-site scripting vulnerability mentioned in this advisory has been assigned CVE-2016-1169 and the cross-site request forgery vulnerability has been assigned CVE-2016-1170 for the products listed here.

Vulnerability Analysis by JPCERT/CC

Credit

Takaesu Isao of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2016-1169
CVE-2016-1170
JVN iPedia JVNDB-2016-000042
JVNDB-2016-000043

Update History

2016/04/07
CVE identifiers were re-assigned and a note in the "JPCERT/CC Addendum" has been added.